D49654.id153062.diff
No OneTemporary
Actions

Size

11 KB

Referenced Files

None

Subscribers

None

D49654.id153062.diff
View Options

	diff --git a/sys/contrib/openzfs/include/os/freebsd/spl/sys/vnode_impl.h.xattr b/sys/contrib/openzfs/include/os/freebsd/spl/sys/vnode_impl.h
	--- a/sys/contrib/openzfs/include/os/freebsd/spl/sys/vnode_impl.h.xattr
	+++ b/sys/contrib/openzfs/include/os/freebsd/spl/sys/vnode_impl.h
	@@ -226,6 +226,7 @@
	#define LOOKUP_XATTR 0x02 /* lookup up extended attr dir */
	#define CREATE_XATTR_DIR 0x04 /* Create extended attr dir */
	#define LOOKUP_HAVE_SYSATTR_DIR 0x08 /* Already created virtual GFS dir */
	+#define LOOKUP_NAMED_ATTR 0x10 /* Lookup a named attribute */

	/*
	* Public vnode manipulation functions.
	diff --git a/sys/contrib/openzfs/include/sys/xvattr.h.xattr b/sys/contrib/openzfs/include/sys/xvattr.h
	--- a/sys/contrib/openzfs/include/sys/xvattr.h.xattr
	+++ b/sys/contrib/openzfs/include/sys/xvattr.h
	@@ -310,6 +310,7 @@
	*/
	#define V_ACE_MASK 0x1 /* mask represents NFSv4 ACE permissions */
	#define V_APPEND 0x2 /* want to do append only check */
	+#define V_NAMEDATTR 0x4 /* is a named attribute check */

	/*
	* Structure used on VOP_GETSECATTR and VOP_SETSECATTR operations
	diff --git a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_acl.c.xattr b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_acl.c
	--- a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_acl.c.xattr
	+++ b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_acl.c
	@@ -2356,9 +2356,41 @@
	* In FreeBSD, we don't care about permissions of individual ADS.
	* Note that not checking them is not just an optimization - without
	* this shortcut, EA operations may bogusly fail with EACCES.
	+ *
	+ * If this is a named attribute lookup, do the checks.
	*/
	- if (zp->z_pflags & ZFS_XATTR)
	+ if ((zp->z_pflags & ZFS_XATTR)
	+#ifdef VIRF_NAMEDATTR
	+ && (flags & V_NAMEDATTR) == 0
	+#endif
	+ )
	return (0);
	+
	+ /*
	+ * If a named attribute directory then validate against base file
	+ */
	+ if (is_attr) {
	+ if ((error = zfs_zget(ZTOZSB(zp),
	+ zp->z_xattr_parent, &xzp)) != 0) {
	+ return (error);
	+ }
	+
	+ check_zp = xzp;
	+
	+ /*
	+ * fixup mode to map to xattr perms
	+ */
	+
	+ if (mode & (ACE_WRITE_DATA\|ACE_APPEND_DATA)) {
	+ mode &= ~(ACE_WRITE_DATA\|ACE_APPEND_DATA);
	+ mode \|= ACE_WRITE_NAMED_ATTRS;
	+ }
	+
	+ if (mode & (ACE_READ_DATA\|ACE_EXECUTE)) {
	+ mode &= ~(ACE_READ_DATA\|ACE_EXECUTE);
	+ mode \|= ACE_READ_NAMED_ATTRS;
	+ }
	+ }

	owner = zfs_fuid_map_id(zp->z_zfsvfs, zp->z_uid, cr, ZFS_OWNER);

	diff --git a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c.xattr b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
	--- a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c.xattr
	+++ b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
	@@ -1174,6 +1174,8 @@
	zfsvfs->z_use_sa = USE_SA(zfsvfs->z_version, zfsvfs->z_os);
	}

	+extern int zfs_xattr_compat;
	+
	static int
	zfs_domount(vfs_t vfsp, char osname)
	{
	@@ -1254,6 +1256,16 @@
	goto out;
	}

	+#ifdef VIRF_NAMEDATTR
	+ /*
	+ * Named attributes can only work if the xattr property is set to
	+ * on/dir and not sa. Also, zfs_xattr_compat must be set.
	+ */
	+ if ((zfsvfs->z_flags & ZSB_XATTR) != 0 && !zfsvfs->z_xattr_sa &&
	+ zfs_xattr_compat)
	+ vfsp->mnt_flag \|= MNT_NAMEDATTR;
	+#endif
	+
	vfs_mountedfrom(vfsp, osname);

	if (!zfsvfs->z_issnap)
	@@ -1777,6 +1789,14 @@
	err = vn_lock(*vpp, flags);
	if (err != 0)
	vrele(*vpp);
	+#ifdef VIRF_NAMEDATTR
	+ else if ((zp->z_pflags & ZFS_XATTR) != 0) {
	+ if ((*vpp)->v_type == VDIR)
	+ vn_irflag_set_cond(*vpp, VIRF_NAMEDDIR);
	+ else
	+ vn_irflag_set_cond(*vpp, VIRF_NAMEDATTR);
	+ }
	+#endif
	}
	if (err != 0)
	*vpp = NULL;
	@@ -1929,9 +1949,17 @@
	*vpp = ZTOV(zp);
	zfs_exit(zfsvfs, FTAG);
	err = vn_lock(*vpp, flags);
	- if (err == 0)
	+ if (err == 0) {
	vnode_create_vobject(*vpp, zp->z_size, curthread);
	- else
	+#ifdef VIRF_NAMEDATTR
	+ if ((zp->z_pflags & ZFS_XATTR) != 0) {
	+ if ((*vpp)->v_type == VDIR)
	+ vn_irflag_set_cond(*vpp, VIRF_NAMEDDIR);
	+ else
	+ vn_irflag_set_cond(*vpp, VIRF_NAMEDATTR);
	+ }
	+#endif
	+ } else
	*vpp = NULL;
	return (err);
	}
	diff --git a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c.xattr b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c
	--- a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c.xattr
	+++ b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c
	@@ -714,7 +714,12 @@
	/*
	* Do we have permission to get into attribute directory?
	*/
	- error = zfs_zaccess(zp, ACE_EXECUTE, 0, B_FALSE, cr, NULL);
	+ if (flags & LOOKUP_NAMED_ATTR)
	+ error = zfs_zaccess(zp, ACE_EXECUTE, V_NAMEDATTR,
	+ B_FALSE, cr, NULL);
	+ else
	+ error = zfs_zaccess(zp, ACE_EXECUTE, 0, B_FALSE, cr,
	+ NULL);
	if (error) {
	vrele(ZTOV(zp));
	}
	@@ -4477,8 +4482,16 @@
	* ZFS itself only knowns about VREAD, VWRITE, VEXEC and VAPPEND,
	*/
	accmode = ap->a_accmode & (VREAD\|VWRITE\|VEXEC\|VAPPEND);
	- if (accmode != 0)
	- error = zfs_access(zp, accmode, 0, ap->a_cred);
	+ if (accmode != 0) {
	+#ifdef VIRF_NAMEDATTR
	+ /* For named attributes, do the checks. */
	+ if ((vn_irflag_read(vp) & VIRF_NAMEDATTR) != 0)
	+ error = zfs_access(zp, accmode, V_NAMEDATTR,
	+ ap->a_cred);
	+ else
	+#endif
	+ error = zfs_access(zp, accmode, 0, ap->a_cred);
	+ }

	/*
	* VADMIN has to be handled by vaccess().
	@@ -4511,18 +4524,86 @@
	};
	#endif

	+#ifdef VIRF_NAMEDATTR
	static int
	zfs_freebsd_lookup(struct vop_lookup_args *ap, boolean_t cached)
	{
	struct componentname *cnp = ap->a_cnp;
	char nm[NAME_MAX + 1];
	+ int error;
	+ bool opennamed = false;
	+ struct vnode *vpp = ap->a_vpp, dvp = ap->a_dvp;
	+ struct vnode *xvp;
	+ bool is_nameddir, needs_nameddir;

	+ needs_nameddir = false;
	+ xvp = dvp;
	+ opennamed = (cnp->cn_flags & (OPENNAMED \| ISLASTCN)) ==
	+ (OPENNAMED \| ISLASTCN);
	+ is_nameddir = (vn_irflag_read(dvp) & VIRF_NAMEDDIR);
	+ if (is_nameddir && (cnp->cn_flags & ISLASTCN) == 0)
	+ return (ENOATTR);
	+ if (opennamed \|\| is_nameddir)
	+ cnp->cn_flags &= ~MAKEENTRY;
	+ if (opennamed) {
	+ if (!is_nameddir) {
	+ vpp = &xvp;
	+ needs_nameddir = true;
	+ }
	+ }
	ASSERT3U(cnp->cn_namelen, <, sizeof (nm));
	+ error = 0;
	+ if (!opennamed \|\| cnp->cn_namelen != 1 \|\| *cnp->cn_nameptr != '.') {
	+ strlcpy(nm, cnp->cn_nameptr, MIN(cnp->cn_namelen + 1,
	+ sizeof (nm)));
	+ error = zfs_lookup(dvp, nm, vpp, cnp, cnp->cn_nameiop,
	+ cnp->cn_cred, 0, cached);
	+ if (is_nameddir && error == 0 && (cnp->cn_namelen != 1 \|\|
	+ *cnp->cn_nameptr != '.') &&
	+ (cnp->cn_flags & ISDOTDOT) == 0) {
	+ if ((*vpp)->v_type == VDIR)
	+ vn_irflag_set_cond(*vpp, VIRF_NAMEDDIR);
	+ else
	+ vn_irflag_set_cond(*vpp, VIRF_NAMEDATTR);
	+ }
	+ }
	+ if (needs_nameddir && error == 0) {
	+ int flags;
	+
	+ flags = LOOKUP_XATTR \| LOOKUP_NAMED_ATTR;
	+ if ((cnp->cn_flags & CREATENAMED) != 0)
	+ flags \|= CREATE_XATTR_DIR;
	+ error = zfs_lookup(xvp, NULL, ap->a_vpp, NULL, 0,
	+ cnp->cn_cred, flags, B_FALSE);
	+ if (error == 0) {
	+ if ((cnp->cn_flags & LOCKLEAF) != 0)
	+ error = vn_lock(*ap->a_vpp, LK_SHARED);
	+ if (error == 0) {
	+ vn_irflag_set_cond(*ap->a_vpp, VIRF_NAMEDDIR);
	+ } else {
	+ vrele(*ap->a_vpp);
	+ *ap->a_vpp = NULL;
	+ }
	+ }
	+ if (xvp != dvp)
	+ vput(xvp);
	+ }
	+ return (error);
	+}
	+#else
	+static int
	+zfs_freebsd_lookup(struct vop_lookup_args *ap, boolean_t cached)
	+{
	+ struct componentname *cnp = ap->a_cnp;
	+ char nm[NAME_MAX + 1];
	+
	+ ASSERT3U(cnp->cn_namelen, <, sizeof (nm));
	strlcpy(nm, cnp->cn_nameptr, MIN(cnp->cn_namelen + 1, sizeof (nm)));

	return (zfs_lookup(ap->a_dvp, nm, ap->a_vpp, cnp, cnp->cn_nameiop,
	cnp->cn_cred, 0, cached));
	}
	+#endif

	static int
	zfs_freebsd_cachedlookup(struct vop_cachedlookup_args *ap)
	@@ -4545,12 +4626,28 @@
	zfsvfs_t *zfsvfs;

	zfsvfs = ap->a_dvp->v_mount->mnt_data;
	- if (zfsvfs->z_use_namecache)
	+ if (zfsvfs->z_use_namecache
	+#ifdef VIRF_NAMEDATTR
	+ && (ap->a_cnp->cn_flags & OPENNAMED) == 0
	+#endif
	+ )
	return (vfs_cache_lookup(ap));
	else
	return (zfs_freebsd_lookup(ap, B_FALSE));
	}

	+static int
	+zfs_check_attrname(const char *name)
	+{
	+ /* We don't allow '/' character in attribute name. */
	+ if (strchr(name, '/') != NULL)
	+ return (SET_ERROR(EINVAL));
	+ /* We don't allow attribute names that start with a namespace prefix. */
	+ if (ZFS_XA_NS_PREFIX_FORBIDDEN(name))
	+ return (SET_ERROR(EINVAL));
	+ return (0);
	+}
	+
	#ifndef _SYS_SYSPROTO_H_
	struct vop_create_args {
	struct vnode *a_dvp;
	@@ -4568,6 +4665,9 @@
	vattr_t *vap = ap->a_vap;
	znode_t *zp = NULL;
	int rc, mode;
	+#ifdef VIRF_NAMEDATTR
	+ bool is_nameddir;
	+#endif

	#if __FreeBSD_version < 1400068
	ASSERT(cnp->cn_flags & SAVENAME);
	@@ -4578,10 +4678,23 @@
	zfsvfs = ap->a_dvp->v_mount->mnt_data;
	*ap->a_vpp = NULL;

	- rc = zfs_create(VTOZ(ap->a_dvp), cnp->cn_nameptr, vap, 0, mode,
	- &zp, cnp->cn_cred, 0 /* flag /, NULL / vsecattr */, NULL);
	+ rc = 0;
	+#ifdef VIRF_NAMEDATTR
	+ is_nameddir = (vn_irflag_read(ap->a_dvp) & VIRF_NAMEDDIR) != 0;
	+ if (is_nameddir)
	+ rc = zfs_check_attrname(cnp->cn_nameptr);
	+#endif
	+
	if (rc == 0)
	+ rc = zfs_create(VTOZ(ap->a_dvp), cnp->cn_nameptr, vap, 0, mode,
	+ &zp, cnp->cn_cred, 0 /* flag /, NULL / vsecattr */, NULL);
	+ if (rc == 0) {
	*ap->a_vpp = ZTOV(zp);
	+#ifdef VIRF_NAMEDATTR
	+ if (is_nameddir)
	+ vn_irflag_set_cond(*ap->a_vpp, VIRF_NAMEDATTR);
	+#endif
	+ }
	if (zfsvfs->z_use_namecache &&
	rc == 0 && (cnp->cn_flags & MAKEENTRY) != 0)
	cache_enter(ap->a_dvp, *ap->a_vpp, cnp);
	@@ -4600,13 +4713,21 @@
	static int
	zfs_freebsd_remove(struct vop_remove_args *ap)
	{
	+ int error = 0;

	#if __FreeBSD_version < 1400068
	ASSERT(ap->a_cnp->cn_flags & SAVENAME);
	#endif

	- return (zfs_remove_(ap->a_dvp, ap->a_vp, ap->a_cnp->cn_nameptr,
	- ap->a_cnp->cn_cred));
	+#ifdef VIRF_NAMEDATTR
	+ if ((vn_irflag_read(ap->a_dvp) & VIRF_NAMEDDIR) != 0)
	+ error = zfs_check_attrname(ap->a_cnp->cn_nameptr);
	+#endif
	+
	+ if (error == 0)
	+ error = zfs_remove_(ap->a_dvp, ap->a_vp, ap->a_cnp->cn_nameptr,
	+ ap->a_cnp->cn_cred);
	+ return (error);
	}

	#ifndef _SYS_SYSPROTO_H_
	@@ -4764,6 +4885,11 @@
	#undef FLAG_CHECK
	*vap = xvap.xva_vattr;
	vap->va_flags = fflags;
	+
	+#ifdef VIRF_NAMEDATTR
	+ if ((vn_irflag_read(ap->a_vp) & (VIRF_NAMEDDIR \| VIRF_NAMEDATTR)) != 0)
	+ vap->va_vaflags \|= VA_NAMEDATTR_TYPE;
	+#endif
	return (0);
	}

	@@ -4906,16 +5032,25 @@
	vnode_t *fvp = ap->a_fvp;
	vnode_t *tdvp = ap->a_tdvp;
	vnode_t *tvp = ap->a_tvp;
	- int error;
	+ int error = 0;

	#if __FreeBSD_version < 1400068
	ASSERT(ap->a_fcnp->cn_flags & (SAVENAME\|SAVESTART));
	ASSERT(ap->a_tcnp->cn_flags & (SAVENAME\|SAVESTART));
	#endif

	- error = zfs_do_rename(fdvp, &fvp, ap->a_fcnp, tdvp, &tvp,
	- ap->a_tcnp, ap->a_fcnp->cn_cred);
	+#ifdef VIRF_NAMEDATTR
	+ if ((vn_irflag_read(fdvp) & VIRF_NAMEDDIR) != 0) {
	+ error = zfs_check_attrname(ap->a_fcnp->cn_nameptr);
	+ if (error == 0)
	+ error = zfs_check_attrname(ap->a_tcnp->cn_nameptr);
	+ }
	+#endif

	+ if (error == 0)
	+ error = zfs_do_rename(fdvp, &fvp, ap->a_fcnp, tdvp, &tvp,
	+ ap->a_tcnp, ap->a_fcnp->cn_cred);
	+
	vrele(fdvp);
	vrele(fvp);
	vrele(tdvp);
	@@ -5168,24 +5303,22 @@
	return (0);
	}
	return (EINVAL);
	+#ifdef VIRF_NAMEDATTR
	+ case _PC_NAMEDATTR_ENABLED:
	+ MNT_ILOCK(ap->a_vp->v_mount);
	+ if ((ap->a_vp->v_mount->mnt_flag & MNT_NAMEDATTR) != 0)
	+ *ap->a_retval = 1;
	+ else
	+ *ap->a_retval = 0;
	+ MNT_IUNLOCK(ap->a_vp->v_mount);
	+ return (0);
	+#endif
	default:
	return (vop_stdpathconf(ap));
	}
	}

	-static int zfs_xattr_compat = 1;
	-
	-static int
	-zfs_check_attrname(const char *name)
	-{
	- /* We don't allow '/' character in attribute name. */
	- if (strchr(name, '/') != NULL)
	- return (SET_ERROR(EINVAL));
	- /* We don't allow attribute names that start with a namespace prefix. */
	- if (ZFS_XA_NS_PREFIX_FORBIDDEN(name))
	- return (SET_ERROR(EINVAL));
	- return (0);
	-}
	+int zfs_xattr_compat = 1;

	/*
	* FreeBSD's extended attributes namespace defines file name prefix for ZFS'

File Metadata

Mime Type: text/plain
Expires: Mon, Feb 9, 3:28 AM (15 h, 57 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 28531611
Default Alt Text: D49654.id153062.diff (11 KB)

D49654.id153062.diffNo OneTemporaryActions

D49654.id153062.diffView Options

File Metadata

Event Timeline

D49654.id153062.diff
No OneTemporary
Actions

D49654.id153062.diff
View Options